PenTestIT

Your source for all things Information Security!

You are here: Home / 2020 / Archives for March 2020

Archives for March 2020

UPDATE: Octopus v1.0

Posted: 6 months ago by 2112 views
Updated: at

Octopus v1.0 is now available. A brief mention about this tool can be found in my previous post titled List of Open Source C2 Post-Exploitation Frameworks. This is the first stable version of Octopus C2 which now supports Cobalt Strike deployment, auto kill functionality, command logging, bug fixes and inclusion of other features. Read more about UPDATE: Octopus v1.0

UPDATE: MITRE CALDERA 2.6.5

Posted: 6 months ago by 2606 views

MITRE CALDERA 2.6.5 is now available! My last post about CALDERA from MITRE was about MITRE CALDERA 2.5.1 and as you remember, this awesome adversary emulation system was listed in my older post titled – List of Adversary Emulation Tools. This release includes a new plugin - Training. It has been designed in a capture-the-flag style and generates a Caldera certificate upon Read more about UPDATE: MITRE CALDERA 2.6.5

UPDATE: Tsurugi Linux 2020.1

Posted: 7 months ago by 170 views

Tsurugi Linux 2020.1 has now been released. I briefly mentioned it in my older post titled List of Operating Systems for OSINT and my last post was about Tsurugi Linux 2019.2. This post discusses the updates made to the latest version of Tsurugi Linux such as bug fixes, updates and addition of new tools. Read more about UPDATE: Tsurugi Linux 2020.1

UPDATE: FudgeC2 0.5.5

Posted: 7 months ago by 501 views
Updated: at

FudgeC2 0.5.5 was released recently. As you may remember, this awesome adversary emulation system was listed in my older post titled – List of Open Source C2 Post-Exploitation Frameworks and FudgeC2 0.5.4. This newer version allows you to screenshot the desktop of any hosts with an implant. What is FudgeC2? FudgeC2 is a PowerShell C2 platform designed to facilitate Read more about UPDATE: FudgeC2 0.5.5

Tentacle: A Vulnerability & Exploitation Test Framework

Posted: 7 months ago by 2364 views

Yesterday, I was searching for a PoC of a Spring Cloud Config vulnerability. The first result that Google returned was for a cool vulnerability and exploit testing framework - Tentacle. Cherry on the top was that this is open source and has been coded in Python3! This post is an attempt at listing the different nuances of this open source exploitation framework. Read more about Tentacle: A Vulnerability & Exploitation Test Framework